
Network Security Visualization

Genevieve Max & Keith Fligg, April 22, 2012

Attack Scenario
[Diagram labels: Gather Raw Network Data; Attacker; Firewall and Router; OS; Network Apps; Visualization; Fix Vulnerabilities]

Three Ws of Tool Design
1. Where in the network is the attack happening?
2. When is the attack happening?
3. What type of attack is happening?

Visualization Answering Three Ws

Firewall Log

Port Scan: Processed Log Files (psad)

Port Scan: Visualization

Circular Visualization

Pre-Attentive Objects
1. Color
2. Position
3. Form
4. Motion

Pre-Attentive: Color
Visualization Applying Color

Pre-Attentive: Position
Visualization Applying Position

Pre-Attentive: Form - Shape
Visualization Applying Shape

Pre-Attentive: Form - Size
Visualization Applying Size

Pre-Attentive: Form - Orientation
Visualization using Orientation
[Figure labels: Incidents; Employee.Hours; Personnel Cost]

Pre-Attentive: Form - Enclosure
Visualization using Enclosure

Visualization Techniques
1. No serial parsing
2. Minimize the Number of Types Of Objects
3. Minimize Non-data Ink/Pixels

No Serial Parsing
[Figure: side-by-side comparison (VS)]
Visualization Applying No Serial Parsing

Minimize the Number of Types Of Objects
[Figure: side-by-side comparison (VS)]
Visualization Applying Minimum Objects
[Figure: link graphs with nodes Source, Event, Target. (a) Link graph nomenclature. (b) Destination port, source address, and destination address. (c) Destination port, destination address, and source address.]

Minimize Non-data Ink/Pixels
[Figure: two plots compared side by side (VS); axes: # of Packets, Time]
Visualization Applying Non-data Ink/Pixels

Parallel Plots
[Figure axes: Source IP addr; TCP source port; TCP dest port; Dest IP addr]

Animated Parallel Plots
[Figure axes: TCP source port; TCP destination port; panel label: Packet]

Link graphs: nomenclature
[Figure: Source, Event, Target]

Link graphs: hidden information

Demo
Network Visualization Tool Demo